[Cryptography] [FORGED] Re: Why is ECC secure?

[Peter Gutmann]

Phillip Hallam-Baker <phill at hallambaker.com> writes:

>That is why I start teaching public key cryptography with digital signatures
>rather than encryption.

Depending on what your overall goal is, I would argue that teaching public-key
cryptography at anything other than a very abstract level is detrimental
rather than helpful.  A year or two back I was doing some work with a company
who had a pretty bright intern in who'd learned the theory behind RSA, DH, ECC
(he had an enthusiastic teacher who was into all of these things), and was
pretty good at all of that.

This provided him with approximately zero help when he had to work with a SCEP
client and X.509 certificates.  Even if someone had asked him to write an RSA
implementation from scratch (why would anyone ever do that?), since there
wasn't time in the course to cover every nuance of every PKC algorithm (side-
channels, formatting issues, use of entropy/nonces, etc etc) the result would
have been an implementation that needed another five years of massaging and
upgrading before it was ready for real-world use.

So he would have been better served with a course that provided a fairly
abstract overview of the principles of PKCs, and then a lot of exposure to how
they're applied in the real world.  He was a bright, enthusiastic kid so I
just hope his first experience with real-world use of these systems didn't
scare him away...

Peter.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20150608/a0881c24/attachment.html>